Can't set up IPv6 for IKEv2 VPN

Can't set up IPv6 for IKEv2 VPN

Hello,

I am trying to set-up an dual-stack IKEv2/IPsec VPN. The server is
OpenBSD (obviously). The clients are macs (so far). IPv4 works, but
I can't get IPv6 working for the clients. The clients get a v6 IP
and a good route, but it seems routing doesn't work on OpenBSD's
side.

# NAT
match in all scrub (no-df random-id max-mss 1440)
match out on egress inet from !(egress:network) to any nat-to (egress:0)
pass quick proto udp from any to self port {isakmp, ipsec-nat-t} keep state
pass on enc0 from any to self keep state (if-bound)

# By default, do not permit remote connections to X11
block return in on ! lo0 proto tcp to port 6000:6010

Re: Can't set up IPv6 for IKEv2 VPN

On Mon, Feb 11, 2019 at 03:32:17PM +0100, Aram Hăvărneanu wrote:
> Hello,
>
> I am trying to set-up an dual-stack IKEv2/IPsec VPN. The server is
> OpenBSD (obviously). The clients are macs (so far). IPv4 works, but
> I can't get IPv6 working for the clients. The clients get a v6 IP
> and a good route, but it seems routing doesn't work on OpenBSD's
> side.